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Gaggle Safety Management User Guide / Additional Resources 


Setting Up SSO with Okta 


Created by Corey Tutewiler 

Last updated Mar 21, 2019 by Jerad Burns 


This documentation outlines setting up SSO with Okta acting as the IDP and Gaggle as the SP. 

0 For Authority3 customers, please substitute https://apps.authority3.com in place of 
https://apps.gaggle.net. 

Gaggle Logo for App Setup 

1. Log into Okta dashboard and switch to the 'Classic Ul". 



I 


O) Dashboard 


2. From the main menu select 'Applications' 

3. Click the 'Add Application' button 


::: Applications 



:> Assign Applications 


Q Search 


4. Click the 'Create New App' button 

5. Set the Platform field to 'Web' and Sign on method to SAML 2.0 
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S4. Add Application 


Iabcdefghijklmnopqrst 


Create a New Application Integration 


Can't find an app? ■ 


Apps you created (0) - 


INTEGRATION PROI 


Sign on method 


Any 


Supports SAML 
Supports Provisioning 


® SAML2.0 

Uses the SAML protocol to log users into the app. 

0 OpenID Connect 

Uses the OpenID Connect protocol to log users into 
an app you've built. 


W X Y Z 


Add 


Add 


Add 




Application Delivery Controllers 



6. Set App Name to Gaggle and upload JPG for the App Logo and click Next 


Create SAML Integration 


General Settings 


Configure SAM 


Feedback 


General Settings 


App name 

Gaggle 


App logo (optional) Q 

G gaggle 



GaggleHorizontal.jpg 

Browse.. 


Upload Logo 


App visibility Q Do not display application icon to users 

| | Do not display application icon in the Okta Mobile app 


Next 


7. Under SAML Settings 
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GENERAL 


Single Bign on URL 0 

https ://ap ps.gag gle.net/services/sa m l-sp 

M Use this for Recipient URL and Destination URL 

~~| Allow this app to request other SSO URLs 

Audience URI (SP Entity ID) Q 

https ://ap ps.gag gle.net 

Default RelayState 0 

https ://ap ps.gag gle.net/d o/m a i n| 

If no value is set, a blank RelayState is sent 

Name ID format 0 

Unspecified ▼ 

Application username 0 

Okta username ▼ 

Update application username on 

Create and update ▼ 

Response 0 

Hide Advanced Settings 

Signed ▼ | 

Assertion Signature 0 

Signed ▼ j 

Signature Algorithm 0 

RSA-SHA256 t 

Digest Algorithm 0 

SHA256 t 

Assertion Encryption 0 

Unencrypted t 

Enable Single Logout 0 

J Allow application to initiate Single Logout 

Authentication context class 0 

PasswordProtectedTransport t 

Honor Force Authentication 0 

Yes t 

SAML Issuer ID 0 

http ://www.okta .com/${o rg.externalKey} 


a. Single sign on URL 

i. https://apps.gaggle.net/services/saml-sp 

b. Audience URI 

i. https://apps.gaggle.net 

c. Default RelayState 

i. https://apps.gaggle.net/do/main 

d. SAML Issuer ID 

i. http://www.okta.com/${org.externalKey} 

e. Leave all other settings at their default value 

8. Click Next 

9. Click the radio button for "I'm an Okta customer adding an internal app" 
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10. Click the checkbox for "This is an internal app that we have created" 

11. Click Finish 

12. On the resulting page, in the Settings pane click 'View Setup Instructions' 


Back to Applications 



Gaggle 

Active ▼ 


View Logs 


General Sign On Import Assignments 


Settings 


SIGN ON METHODS 

The sign-on method determines how a user signs into and manages their credentials for an application. Some sign- 
on methods require additional configuration in the 3rd party application. 

Application username is determined by the user profile mapping. Configure profile mapping 

• SAML2.0 

Default Relay State https://apps.gaggle.net/do/main 

SAML 2.0 is not configured until you complete the setup instructions. 

View Setup Instructions j 

Identity Provider metadata is available if this application supports dynamic configuration. 

CREDENTIALS DETAILS 



13. Send the "Identity Provider Single Sign-On URL", "Identity Provider Issuer", and "X.509 Certificate" 
to Gaggle Support. 

How to Configure SAML 2.0 for Gaggle Application 

The following is needed to configure Gaggle 

O Identity Provider Single Sign-On URL: 
https:// 

© Identity Provider Issuer: 

http://M H ~! 

O x.509 Certificate: 

-BEGIN CERTIFICATE- 


-END CERTIFICATE- 

Download certificate 
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okta 


sso 
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